ec_privkey_export_der() seems to be called as compressed mode ALWAYS. Is it on purpose? #10041

issue kobake openend this issue on March 21, 2017
  1. kobake commented at 3:50 am on March 21, 2017: contributor

    What version of bitcoin-core are you using?

    GitHub latest master. (3192e5278abca7c1f3b4a2a7f77a0ce941c73985)

    Describe the issue

    “compressed” argument of ec_privkey_export_der() seems to be bool-typed.

    ec_privkey_export_der function has a “compressed” argument and it accepts bool-typed value (0 or not 0) as far as I see the implementation of the function.

    https://github.com/bitcoin/bitcoin/blob/master/src/key.cpp#L70 https://github.com/bitcoin/bitcoin/blob/master/src/secp256k1/contrib/lax_der_privatekey_parsing.c#L56

    0if (compressed) {
    1    ....
    2} else {
    3    ....
    4}
    

    Passed values for the “compressed” are NOT ZERO ALWAYS.

    Actually, however, the passed values for the argument “compressed” are SECP256K1_EC_COMPRESSED or SECP256K1_EC_UNCOMPRESSED only, and Both of them are NOT ZERO.

    • SECP256K1_EC_COMPRESSED equals 0x102. (NOT ZERO)
    • SECP256K1_EC_UNCOMPRESSED equals 0x2. (NOT ZERO)

    https://github.com/bitcoin/bitcoin/blob/master/src/key.cpp#L149

    0ret = ec_privkey_export_der(secp256k1_context_sign,
    1  (unsigned char*)&privkey[0], &privkeylen, begin(),
    2  fCompressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED);
    

    https://github.com/bitcoin/bitcoin/blob/master/src/secp256k1/include/secp256k1.h#L147

    0#define SECP256K1_FLAGS_TYPE_COMPRESSION (1 << 1)
    1#define SECP256K1_FLAGS_BIT_COMPRESSION (1 << 8)
    2#define SECP256K1_EC_COMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION)
    3#define SECP256K1_EC_UNCOMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION)
    

    My idea: Ignoring fCompressed variable.

    I think fCompressed makes no sense when calling ec_privkey_export_der(). Though, to keep compatibility, ec_privkey_export_der() should be called as compressed mode only as in the past, I think.

    I also think the fCompressed variable on ec_privkey_export_der() calling is now only noise and should be removed. I’d suggest my idea that calling ec_privkey_export_der() without considering fCompressed, as follows.

    0// idea1
    1ret = ec_privkey_export_der(secp256k1_context_sign,
    2  (unsigned char*)&privkey[0], &privkeylen, begin(), SECP256K1_EC_COMPRESSED);
    3
    4// idea2
    5ret = ec_privkey_export_der(secp256k1_context_sign,
    6  (unsigned char*)&privkey[0], &privkeylen, begin(), 1);
    

    What do you think of that?

    BTW: The implementation of ec_privkey_export_der() seems to be the copy of the library code, so I thought it’s not good to change it. Actually is that right?

  2. kobake renamed this:
    ec_privkey_export_der() seems to be called as compressed mode ALWAYS. Is it on purpoes?
    ec_privkey_export_der() seems to be called as compressed mode ALWAYS. Is it on purpose?
    on Mar 21, 2017
  3. fanquake added the label Questions and Help on Mar 21, 2017
  4. jonasschnelli commented at 8:05 am on March 21, 2017: contributor
    This indeed looks after a bug! Main problem is that we are checking for if (compressed) { inec_privkey_export_der and probably except a Boolean value while the function gets called with an argument of fCompressed ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED.
  5. kobake commented at 12:23 pm on March 21, 2017: contributor
    Thanks for your treating. I understood this is not a refactoring problem, but a bug.
  6. laanwj commented at 2:12 pm on April 7, 2017: member
    Thanks for reporting however this turns out to be just an awkwardness in representation, not really a bug, as it does not affect users in any way. It will change when a new, non-backwards compatible private key format is introduced instead of the the DER format (which is a waste of space anyway). See #10043.
  7. laanwj closed this on Apr 7, 2017

  8. DrahtBot locked this on Sep 8, 2021

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-18 21:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me